http://forensicswiki.org/w/index.php?title=AppArmor&feed=atom&action=historyAppArmor - Revision history2017-12-14T03:22:40ZRevision history for this page on the wikiMediaWiki 1.25.2http://forensicswiki.org/index.php?title=AppArmor&diff=8974&oldid=prevCapibara: New page: AppArmor, found in Suse and Ubuntu Linux, is a system for letting applications run according to the principle of least privilege. This can be a useful for running forensic or other...2008-11-24T21:34:07Z<p>New page: AppArmor, found in <a href="/index.php?title=Suse&amp;action=edit&amp;redlink=1" class="new" title="Suse (page does not exist)">Suse</a> and <a href="/wiki/Ubuntu" title="Ubuntu">Ubuntu</a> Linux, is a system for letting applications run according to the principle of least privilege. This can be a useful for running forensic or other...</p>
<p><b>New page</b></p><div>AppArmor, found in [[Suse]] and [[Ubuntu]] Linux, is a system for letting applications run according to the principle of least privilege.<br />
This can be a useful for running forensic or other tools of questionable stability (what according to many means almost all tools) on data <br />
that may constructed with malicious intent against the specific tool, and mitigating the potential damage to the forensic process.<br />
While AppArmor works with static profiles, it does not intervene in communication of open files over unix sockets, that thus can be used<br />
to dynamically communicate authority to an (untrusted) AppArmor confined tool.</div>Capibara